Cyber Posture

CVE-2025-3018

Severity: Medium
Public PoC: yes

Published: 31 March 2025
Modified: 07 April 2025
KEV Added: none recorded
Patch: none recorded
CVSS Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0014 (33.4th percentile)
Risk Priority: 13 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may leverage databases to mine valuable information.

Security Summary

CVE-2025-3018 is a critical SQL injection vulnerability (CWE-74, CWE-89) in SourceCodester Online Eyewear Shop 1.0. The flaw resides in an unknown function within the file /classes/Users.php?f=delete, where manipulation of the ID argument triggers the injection.

The vulnerability is exploitable remotely over the network with low attack complexity and requires low privileges (PR:L) but no user interaction (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, score 6.3). An authenticated attacker with basic access can leverage it to achieve limited impacts on confidentiality, integrity, and availability, such as partial data exposure, modification, or disruption.

VulDB advisories (ctiid.302070, id.302070, submit.524623) document the issue, and a public exploit is available on GitHub at csemfl/cve/blob/main/sql.md. The vendor's site is sourcecodester.com, but no patches or specific mitigations are detailed in the provided references.

Details

CWE(s): CWE-74, CWE-89

Affected Products

oretnom23 online eyewear shop, version 1.0

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1213.006 Databases (Collection)
Adversaries may leverage databases to mine valuable information.

Why these techniques?

SQL injection in the public-facing web application (/classes/Users.php?f=delete) enables exploitation for initial access (T1190) and collection of data from the backing database via arbitrary SQL queries (T1213.006).
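As an added defensive illustration (not part of the advisory, VulDB or the vendor's code), the check below scans web-server access-log lines for requests to the affected delete endpoint whose id parameter is not a plain integer, which is the anomaly a SQL injection attempt against this parameter would leave behind. The log lines, client addresses, timestamps and log format are constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines in combined log format; not from any real server.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Apr/2025:10:00:01 +0000] "GET /classes/Users.php?f=delete&id=12 HTTP/1.1" 200 17 "-" "Mozilla/5.0"
10.0.0.5 - - [01/Apr/2025:10:00:02 +0000] "GET /classes/Users.php?f=delete&id=12%27 HTTP/1.1" 500 0 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Apr/2025:10:00:03 +0000] "GET /classes/Users.php?f=delete&id=12%20OR%201%3D1 HTTP/1.1" 200 17 "-" "curl/8.0"
10.0.0.7 - - [01/Apr/2025:10:00:04 +0000] "GET /classes/Users.php?f=save&id=abc HTTP/1.1" 200 17 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Apr/2025:10:00:05 +0000] "GET /index.php?page=home HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request target, status code
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def is_suspicious_delete(request_target: str) -> bool:
    """True when the request hits Users.php with f=delete and id is not a single plain integer."""
    parts = urlsplit(request_target)
    if not parts.path.endswith("/classes/Users.php"):
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)  # values are URL-decoded here
    if qs.get("f", [""])[0] != "delete":
        return False
    ids = qs.get("id", [])
    # A missing, empty or repeated id is anomalous for a delete call as well.
    if len(ids) != 1:
        return True
    return re.fullmatch(r"\d+", ids[0]) is None


def scan_log(text: str) -> list:
    """Return one dict per log line that matches the suspicious-delete check."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        src, ts, method, target, status = m.groups()
        if is_suspicious_delete(target):
            hits.append({"src": src, "ts": ts, "method": method, "target": target, "status": int(status)})
    return hits


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"{h['ts']} {h['src']} {h['method']} {h['target']} -> {h['status']}")
```

Requests to other functions of the same file (f=save) are deliberately out of scope so the rule stays tied to the affected endpoint; widen the path and function checks if the same pattern is to be hunted across the whole application.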

References